We investigated how Patch Tuesday affects the volume and characteristics of malicious and unwanted traffic as observed by a large IPv4 (/8) darkspace monitor over the first six months of 2012. We did not discover significant changes in overall traffic volume following Patch Tuesday, but we found a significant increase of the number of active hosts sending to our darkspace monitor the day after Patch Tuesday for all six investigated months. Our early results suggest the effects of Patch Tuesday are worth deeper investigation. Detecting time intervals during which new sources become active can help tune sampling methods toward activity periods that likely contain more interesting information (i.e., many new malicious sources) than other time periods. © 2013 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Zseby, T., King, A., Brownlee, N., & Claffy, K. C. (2013). The day after patch tuesday: Effects observable in IP darkspace traffic. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7799 LNCS, pp. 273–275). Springer Verlag. https://doi.org/10.1007/978-3-642-36516-4_32
Mendeley helps you to discover research relevant for your work.